Lockbit ransomware group conflict with XSS forum administration is escalating. Lockbit ransomware group is threatening to have XSS forum administrator murdered (???).

We have never witnessed such a visceral reaction to being banned from a forum and being labeled a scammer.

We spoke with Lockbit ransomware group regarding the allegations of murder. Lockbit administration staff said they never explicitly stated they wanted the XSS administrator murdered - they said they will do as they deem fit when they get his personal information.

The IGN Twitter account is compromised. It's remarkable how sneakily Epsilon group took control.

The Discord in their Twitter profile is not IGNs. It links to a Discord server Epsilon group controls.

Give us toothbrush malware samples or you're a goddamn liar >:(

https://www.zdnet.com/home-and-office/smart-home/3-million-smart-toothbrushes-were-just-used-in-a-ddos-attack-really/

We've updated the vx-underground Windows malware paper collection

- 2024-01-22 - Demonstrating proxy DLL loading
- 2024-01-24 - Demonstrating Remote TLS Callback Injection
- 2024-02-01 - Unmanaged .NET Patching
- 2024-02-02 - GetProcAddress usage via ordinal

We have conducted the largest DdoS attack in history. We are sending 572^265 TiBs/second using 3 hamsters and an old soggy toothbrush we found on the side of the road

(Toothbrush not pictured)

Cloudflare is cool and badass

If you don't have a Valentine for Valentine's Day, we'll be your Valentine.

We've updated the vx-underground Malware Analysis collection. We've added 86 new papers.

Thanks to our friends over at @malpedia for helping us stay up-to-date every month.

Check it out here: https://vx-underground.org/Papers/Malware%20Defense/Malware%20Analysis

Some nerd is visiting vx-underground, with a wilderness background, to bamboozle us into believing they're outside.

We should have known Apple Vision Pro nerds wouldn't go outside 😡

Hello,

As is tradition, we accidentally did an oopsie. Our search function is botched and downloads on files aren't working. We pushed some code to prod without actually testing if the file download part worked.

Testing code before pushing to prod is for nerds

Thanks,

Problem has been resolved. Please continue downloading malware.

The new Windows 11 sudo.exe is displaying something strange in IDA 🤔🤔🤔 what could it mean

Today James Forshaw (tiraniddo) did a quick assessment on the new Windows 11 Sudo.exe.

Despite his quick assessment, the blog post is wonderful. It is an excellent read. We recommend it:)

tl;dr fancier ShellExecute 😭

https://www.tiraniddo.dev/2024/02/sudo-on-windows-quick-rundown.html

We've updated our Windows malware paper collection

- 2023-11-22 - ETW internals for security research & forensics
- 2024-02-08 - Bypassing ApplyOnce limitation in GPO with key removal
- 2024-02-08 - Executing CSharp Assemblies from C code
- 2024-02-09 - Sudo On Windows

Chainalysis' report indicates ransomware *payments exceeded $1,100,000,000 in 2023.

*Payments which are confirmed to be attributed to ransomware attacks, more attacks may not have been identified

More information: https://www.chainalysis.com/blog/ransomware-2024/

We've uploaded more malware samples to vx-underground.

InTheWild && Bazaar && VirusSign

It is over 100,000 new samples.

Please download them, they're very lonely and scared.